Embracing the Cloud for Better Cyber Security

Size: px
Start display at page:

Download "Embracing the Cloud for Better Cyber Security"

Transcription

1 Embracing the Cloud for Better Cyber Security Craig A. Shue and Brent Lagesse Cyberspace Science and Information Intelligence Research Computational Sciences and Engineering Oak Ridge National Laboratory {cshue, Abstract The future of cyber security is inextricably tied to the future of computing. Organizational needs and economic factors will drive computing outcomes. Cyber security researchers and practitioners must recognize the path of computing evolution and position themselves to influence the process to incorporate security as an inherent property. The best way to predict future computing trends is to look at recent developments and their motivations. Organizations are moving towards outsourcing their data storage, computation, and even user desktop environments. This trend toward cloud computing has a direct impact on cyber security: rather than securing user machines, preventing malware access, and managing removable media, a cloud-based security scheme must focus on enabling secure communication with remote systems. This change in approach will have profound implications for cyber security research efforts. In this work, we highlight existing and emerging technologies and the limitations of cloud computing systems. We then discuss the cyber security efforts that would support these applications. Finally, we discuss the implications of these architectural changes, in particular with respect to malware and social engineering. I. CLOUD COMPUTING S IMPACT Organizations and users have proven willing to outsource their services and data to remote providers. These providers can offer a varying degree of service, from software-as-aservice to platform-as-a-service models. They can provide simple data storage or provide processing support. This outsourcing phenomenon fits under the broad paradigm of cloud computing. While some may use this term broadly, within this document, we use cloud computing only to refer to outsourced processing and storage, as in the case of software and platform services. A. Cloud and Pervasive Computing Cloud computing provides an excellent opportunity to expand pervasive computing. In particular, cloud computing can enable systems consisting of resource constrained devices to perform intense computations [1]. Further, cloud computing enables mobile devices to access a large store of information from nearly anywhere. Rather than developing pervasive systems that attempt to intelligently move or cache important data, these systems can now just store the data in the cloud and rely on it to be available when needed elsewhere. We use an example scenario to demonstrate the relationship between cloud computing and pervasive computing. Consider atypicaluser,alice,andherinteractionswithtechnologyfor a day. She may begin her day by waking up to her alarm clock and preparing for work. As she walks to her car, she reads the morning s news on her smart phone that was pre-fetched for her and distributed to her phone by her cloud services. If she has not finished her reading when she gets in her car, the cloud can perform a text-to-speech conversion of her news articles and read them to her as she drives. Upon completion of the news, she can stream her music repository to her car. Once at work, Alice can seamlessly move from her office to meeting rooms throughout the day while maintaing access to all of her information, applications, and sessions due to her cloud services being accessible from any machine. Even after returning home, she can relax with her favorite computer game through her desktop computer. If hosted by her cloud provider, she will not lose progress in her game even if the power fails; instead, she can continue playing through her smart phone. To enable such a scenario, we must address new challenges in securing the information stored on the cloud and the access to it. The adoption of cloud computing as a part of pervasive systems will affect security in pervasive systems. By using the cloud as a processing and storage powerhouse for pervasive systems, the focus of security in these systems will shift to ensuring that the data and processing controlled by a third party is secure, and the transmission of data between the cloud and the pervasive system is secured. Further, since pervasive systems often enable users to log on from any number of devices, as demonstrated in the example above, authentication mechanisms will also be of high importance. Cloud computing can advance the pervasive computing goal of making computers invisible to the user. Cloud systems can perform complex tasks while revealing a small, portable interface to the user. Likewise, the demand for small, mobile, and energy-efficient systems by pervasive computing applications will drive the progression of cloud computing. The benefits that cloud computing can bring to pervasive computing must not be negated by leading to insecure systems or obtrusive security mechanisms. Any attack on a system detracts from the invisibility of the pervasive computing vision [2] as it can result in a variety of damaging consequences. Furthermore, any obtrusive security mechanism in a system detracts from this vision and distracts the user from their goals. B. Current Technologies Cloud computing provides efficiencies for organizations. Rather than attempting to maintain patching, backup and recovery services, and software licensing for hundreds of machines, organizations employing cloud technologies can simply make users machines into consoles that access net-

2 work storage or terminals for remote computation. These cloud-based systems can be instantiated in various approaches: Terminal Services: Microsoft s Remote Desktop, Virtual Network Computing (VNC), and Citrix s terminal services clients allow users to access an entire desktop environment from a remote server. Web-Based Productivity Tools: The Docs Web application from Google and the Office Web Apps from Microsoft are two examples of software as a service. These tools provide users with remote data storage and provide software through a Web browser. Google s Chrome operating system is designed to provide only a Web browser, making the computer a terminal to Webbased applications. Window Forwarding: Unix and Linux-based systems have long had the ability to forward individual graphical windows to remote systems. This allows a client system to render the window and manage the interface while still executing the application on the server system, possibly in closer proximity to the data. Remote Storage: Amazon s Simple Storage Service and Mozy s online backup services allow a user to store data in remote systems. These services provide redundancy, allowing users to have greater reliability in case of disk or system failures. The benefits and lower costs of these cloud services enable systems and organizations to offload responsibilities that were previously handled internally. Many of these services scale well, allowing providers to leverage economies of scale to reduce costs while developing specialized services. C. Emerging Technologies Recent technological advances can offer greater support to cloud computing. Developers of modern Web browsers have optimized their Javascript engines, including just-in-time compilation and hardware acceleration, to expedite processing for clients. These optimizations allow Web sites to use more complicated client-side functionality without degrading client-side performance. Web browsers now natively support standards such as HTML5, allowing the integration of video and animated content without requiring third-party plug-ins, allowing sites to have rich interactions with the user. Web browsers also have begun implementing isolation to prevent actions in one Web browser window from affecting other windows. This isolation allows the browser to continue functioning, even if one window malfunctions. Combined, these Web browser optimizations allow Web sites to provide clients with code that will execute in an independent, isolated environment. This provides flexibility to Web-based applications without endangering the client. D. Likely Progression With the national focus on high-speed Internet deployment, increasingly complex cloud services will extend toward many new users and platforms. With evolutionary optimizations in Web browser technology, the continued adoption of rich, Web-based applications is likely. Accordingly, users will have decreased need to install or maintain host-based applications. The Google Chrome OS is an example of an operating system that has been greatly simplified, largely operating to support awebbrowser. With greater network availability, client devices are more likely to resemble terminals to remote resources. This approach will allow pervasive system interfaces to become smaller and lighter without sacrificing functionality. As an example, a recent demonstration showed a smartphone running a notoriously graphically/compute intensive game [3]. In the demonstration, a computation system simply pushed the rendered pixels for the smartphone to display, reducing the smartphone into a simple input/output device. With the pervasive computing researchers working on mechanisms to determine which computation to perform on the client and which to perform remotely, we are likely to see seamless execution across heterogenous devices. II. LIMITATIONS OF CLOUD COMPUTING While likely to play an important role in the future of technology, cloud computing is not without its limitations. However, these limitations are also opportunities for cyber security researchers to influence technological advancement in awaythateliminatesmodernsecurityproblems.thefollowing are some prominent limitations: Lack of Control and Interoperability: When users and organizations place their data in cloud systems and become reliant on a cloud provider, they lose some control and flexibility over their data and processing. Further, because providers may not be interoperable, the users and organizations may be unable to transfer their assets to another provider should the need arise. Lack of Privacy: To use cloud services, users and organizations expose their data to the cloud provider. In some contexts, this exposure may be unacceptable. Safety of Cloud Servers: Cloud service providers aggregate a great deal of data, making them an attractive target for attackers. These servers must be protected while still being able to flexibly support services for clients. Client Authentication: Clients must be able to regularly authenticate to a variety of remote service providers. The current client authentication approach, using passwords, does not scale and largely forces users into poor practices. Abetterapproachmustbedeveloped. Resource Allocation: While cloud providers services are likely to perform most operations, some services may be delivered more efficiently if client support is integrated. Automatically detecting and utilizing client resources is akeyareaofresearchtosupportcloudcomputing. Connectivity and Mobility: Cloud services naturally require network connectivity between the client and the service provider; however, these services may be unavailable to users in remote locations or on airplanes. We now discuss each of these limitations and their opportunities in greater detail.

3 A. Lack of Control and Interoperability In out-sourcing their data and computation, organizations and users lose a degree of control over their data. If all of auser sdataisstoredbytheproviderandtheprovideris no longer available, the user cannot obtain his or her data. If the provider changes their terms of service in a way that is not acceptable to the user, the user may have no options to transport his data to another system. In the case of software-as-as-service providers, organizations are restricted to the applications provided by the cloud service provider. If the cloud service provider does not offer a particular service or feature, organizations have no convenient way of adding the functionality. In traditional computing, users can use scripting or compiled languages to perform processing, giving them greater flexibility and control. Opportunities: With multiple providers and competition, users can regain control over their data. With a clear, universal application programming interface (API) to cloud services and the user s authorization, competing service providers would be able to access and manipulate the data on another service provider. Such an API would also enable pervasive systems to run seamlessly between providers and allow interaction between users on different providers. Another possible solution is the deployment of systems such as cloudlets [4]. Platform providers host virtual machine images which users must populate to perform their computation. These systems provide users more control, but may require user applications to be written for the system. Some languages and programs are sandbox-aware, such as Java, while others can be executed in chroot environments. However, some variants of attack code are able to break out of virtualized environments, allowing access to the system. Accordingly, research that can secure or provably verify the integrity of these environments will allow cloud providers to grant greater access and flexibility to their users without sacrificing security. B. Lack of Privacy In many cloud systems, the provider mines the user s data in order to provide advertising or collect aggregated data that can be used to offset the costs of providing the service. This lack of confidentiality may not be acceptable, especially when the cloud system supports a sensitive context-aware system [5]. In other instances, users may lose some degree of legal protection when their data is hosted by a third party. Opportunities: Recent advances in homomorphic encryption have provided mechanisms for performing operations on the encrypted version of data and deterministically affecting the unencrypted version [6], [7]. For cloud computing applications, this would allow an organization to outsource computation while not exposing the actual information to the remote system. Unfortunately, these approaches often require specialized computation and are computationally expensive. C. Safety of Cloud Servers While resource constrained devices may not be able to store all their relevant information locally, they cannot completely offload this information to cloud providers without additional protections. Cloud computing systems have become an attractive target to attackers [8]. Further, while these providers may currently be trustworthy entities, they are not immune to business failures. If a cloud provider s business fails, it may sell off user data as an organizational asset. These providers can also be acquired by other organizations, which would obtain the user s information. Opportunities: By leveraging support from resource constrained devices, users can reduce the attractiveness of stored cloud data to adversaries. Currently, most cloud data is stored in an unencrypted format or in an encrypted format in which the cloud provider holds the encryption/decryption keys. Instead, we can restrict cloud computing data stores to handling only encrypted data and rely upon the user s explicit approval to access the data. Rather than requiring the user to be involved in encryption/decryption, the user could use a third-party broker to provide unlocking support to the cloud, allowing the cloud to decrypt pieces of data needed to satisfy auser srequest.bydoingso,resourceconstraineddevices would still be able to interact with the cloud while maintaining the security of their data. With such systems, an insider or external attacker at that organization would be unable to access user data that was not actively being processed by the cloud. When combined with homomorphic encryption schemes for Web application providers, only the user would ever have access to the unencrypted information. To ensure availability in case of an attack or disaster, cloud data must also be stored redundantly at multiple physical locations. Data storage may be provided by multiple provider organizations to ensure no organization has exclusive control or responsibility over the user/organizational data. D. Client Authentication With so much remote execution, cloud computing requires robust credential management that enable secure logins to multiple cloud services from multiple devices in a seamless manner. The password schemes currently employed are a burden on users and have practically forced users into poor practices. Generally, users can remember a small number of passwords, yet each Web resource generally requires users to develop a unique set of credentials. Services such as OpenID, which allow users to have a single set of credentials for multiple sites, are powerful, but may be inappropriate for sensitive institutions such as banks or government sites. Users may instead be able to use one-time-password devices, but they would need to have a unique device for each remote site to prevent one site from being able to use the credentials to authenticate to another. Opportunities: Rather than use passwords, users can instead leverage mobile devices. If properly isolated from the devices s general computing and communication hardware, asecurededicatedcircuitcouldbecreatedtomanagehash chains for multiple sites. To further increase security of the approach, the hash chain could be manually seeded by the mobile device and a visual depiction of the seed value trans-

4 mitted to the remote site via a camera capture of the mobile device s screen. In Figure 1, we provide a visual depiction of the authentication process. To authenticate, the user could then select the appropriate Web resource and then present the mobile device s screen to the computer s camera, allowing the Web site to obtain the device s hash value from the visual depiction and compare it with the locally derived hash, authenticating the user. This approach allows greater key sizes and entropy than passwords, making exhaustive enumeration attacks challenging while still making the technology usable for people. Mobile Device Fig. 1. Web Camera Client System Internet Cloud Server Secure Communication Channel Mobile device for remote authentication Fortunately, the technology for this kind of authentication already exists. Software for reading QR-codes is common on many modern smartphones [9]. Likewise, these devices are able to display barcodes that can be read by simple barcode readers. Accordingly, the transmission of hash values from a mobile device to a computer s camera proves little barrier to adoption. The construction of hash chains and rendering them into visual depiction is likewise straight-forward. Adding this component to a mobile device in a secure way may require some separate hashing hardware and storage for initial hash values; however, device manufacturers may be able to reuse the device s screen and input hardware to reduce costs. While hardware-based hashing operations may significantly improve the security and usability of remote authentication, there are important questions that must be addressed. For example, what happens if the device is lost or stolen? How would the credentials be revoked and how would a user be able to reestablish their identity and control? Research in addressing authentication management techniques is critical to cyber security. E. Resource Allocation To support cloud systems, providers often build efficient data centers with mass storage and computational resources. These centers can perform all the computation for resourceconstrained devices, such as smart phones. However, for other clients, such as a user s desktop machine, the client machine may be able to perform some of the computation. Further, computing on the client may be more efficient, improve performance, and scale better. While not a direct security concern, the mechanisms to offload this computation must protect the computation from any attackers. Opportunities: Improvements to resource allocation schemes and the dynamic determination of what computation to perform in the cloud and what to perform on the client will aid the cloud experience. In particular, these resource decisions must reflect a dynamic network environment: some systems may have low bandwidth connections while others may have excellent connectivity. These systems must be able to take these factors and any network congestion into data transfer and computation location strategies. Distributed computing applications have leveraged volunteered resources from systems across the Internet to perform large-scale computations. Cloud computing systems may also be able to leverage distributed resources in clients in exchange for lower rates or better performance guarantees for their clients. In distributed computing environments, we must have mechanisms to ensure that remote systems are trustworthy and providing correct responses. In current systems, redundancy is used to detect dishonest systems and protect computation accordingly. Innovations to enable trusted distributed computation with minimal redundancy would be preferable. F. Connectivity and Mobility While cloud data storage relieves users of the burden of managing their own data, it also requires connectivity to the cloud. Users may need to use their applications and access their data without the opportunity to connect to their cloud service provider. In this case, the client should be able to prefetch data that the user will likely need during the period of time spent offline. Similar to offloading some computation to clients in Section II-E, selecting the data to offload for offline operation is not directly a security concern, but the transmission, storage, and computation of that data is asecurityconcern. Opportunities: Predictive and opportunistic pre-fetching by mobile and intermittently connected devices are essential to the user experience of cloud systems in several situations. Many factors must be taken into account to efficiently and successfully prefetch necessary data. The client must account for the tasks that the user will likely need to perform, the data that is related to those tasks, the ability of the client s hardware to store that data and to perform the necessary computations, and for mobile devices, the energy constraints of the device. Given that the correct data is selected to be fetched from the cloud servers, these systems must be able to securely transmit and store the data. While some machines may be capable of performing operations on homomorphically encrypted data, it is unlikely that most mobile devices can do so within the constraints of available battery life. As a result, data must be unencrypted for operations, likely by a trusted third party that then re-encrypts it with a symmetric key prior to transmission to the mobile device. III. IMPLICATIONS OF RESEARCH AND ADOPTION Continued adoption and advances in security mechanisms for cloud computing may shift the use of computation, networking, and the cyber security battleground. In particular, this shift may affect malware usage, organizational auditing and insider threat detection, social engineering attacks, and traditional ISP revenue streams. We now discuss each of these implications in detail.

5 A. Rendering Malware Obsolete With secure input/output and a secure connection to a remote destination, an compromised system could still be securely utilized, substantially affecting the utility of malware for adversaries. Input and output components with trusted platform modules (TPMs) and security-enabled interconnects, like HDMI, can allow users and remote resources to encrypt transmission before using a system s general resources (e.g., memory, processor), preventing traditional malware from being effective. The recently announced Intel Insider [10] technology allows a remote resource to stream encrypted video content to a system s GPU, where it is then decrypted and displayed. This approach is designed to prevent software on the system from being able to record the video content. Such an approach could be used for securing user access as well: a Web page could generate a random keyboard for a user to click on to enter their password. If an attacker were unable to see the user s screen, they would be unable to harvest the user s credentials, even if they had full control over the operating system and input devices. While an attacker may be unable to intercept credentials, there may be benefit to compromising systems if they could be used for attacks. Part of cloud computing revolves around clients executing arbitrary code from their server in an isolated environment, preventing the code from affecting other sites or resources. Continued advancements in isolation will prevent Web applications from being able to attack other applications. Accordingly, malware from within a Web application is unlikely to be a significant risk factor. Other malware attacks may be launched from outside Web applications. However, on operating systems that solely support a Web browser, no new applications are likely to be needed. This makes it possible to filter malware. Only operating system updates and updates to the Web browser need be supported on these systems. With proper code signing techniques, only the updates to these critical systems would be authorized, preventing the introduction of any third-party applications. Further, these systems may simply prohibit nonsystem local storage, since all data and applications would be available from cloud-based providers. Accordingly, on these systems, there would be no file-based attack vector. On other systems, malware and exploits may target vulnerabilities in the operating system or Web browser. Even if the attacker were in complete control of the system, they would not have access to the user s data, since it would be housed on remote systems. Instead, attackers may simply attempt to monitor communication between the user and the Web server. Attackers attempting to obtain login or account credentials can be thwarted simply by using one-time password tokens, or the approach proposed in Section II-D, as the information they gain will not be usable. B. ISPs as Cloud Providers Internet Service Providers (ISPs) often lament their continued transition to simple data carriers. They continue to look for mechanisms to compete based on the services they offer while decreasing their overhead costs. For example, services like Akamai serve as content distribution networks and provide caching for popular Web pages. This approach allows an ISP to provide faster service to their clients while reducing the amount of traffic they transmit to peers, reducing costs. By embracing cloud services, these ISPs could provide lower-latency cloud experiences for their users and likewise reduce peering costs. ISPs could then distinguish themselves from their competitors by offering greater services on their clouds. Rather than simply offering connectivity, these organizations could blur the line into becoming content and software providers. ISPs have embraced such models in the past. Cable television providers have explored remote digital video recorder (DVR) services, allowing their users to control a DVR hosted at the cable provider. This allows the cable provider to reduce the amount of customer premise equipment and costs while providing the same quality of service to which users are accustomed. ISPs have also placed themselves in the position of offering software to users. Many high-speed ISPs offer complimentary security software, such as anti-virus, to their users to reduce incidents of infection. Typically, these ISPs contract third-parties to provide this software. By becoming a cloud provider, ISPs can become a hosting provider for third-party software. Rather than become involved in application development, the ISP can simply host software that might otherwise be written for a user s client. The ISP can then market their support for the latest high-end games and applications while indicating they will work on a customer s machine, regardless of processing and video card capabilities while connected to the ISP network. 1) Thin Clients: If ISPs decide to provide their own cloud services as a benefit to subscribers (in much the same way that they have previously used web hosting and services to attract subscribers over the past couple of decades), one natural progression is that ISPs could provide thin clients for free or discounted with a service contract. These thin clients would be designed to perform basic processing and to display information from the ISP s cloud services. Cloud services could also act as an interface between the user and the rest of the Internet. Data that the user requests could be acquired by the ISP s cloud and presented in a manner that requires minimal effort by the user s thin client since most of the computation will be performed on the cloud. 2) Opportunistic Systems: Cloud systems can provide further benefit to mobile users through pre-distributing content to the users during off-peak times. Users have a tendency to charge their mobile devices such as smart phones and laptops overnight and are likely to continue doing so given the lower cost of energy during off-peak hours. This fact can be leveraged to predictively pre-distribute content to mobileusers. By pre-distributing content while mobile devices are not using energy from the battery, we believe we can greatly extend the life of mobile devices. For example, ISPs can provide a service to acquire data that is commonly accessed by the user, such as morning news websites or music, and push them to the user s

6 mobile device shortly before their alarm goes off. Further, the user s mobile device could contact the ISP s cloud services any time it is plugged into a power source and opportunistically utilize cloud services and acquire data to extend battery life. C. Higher-Level Semantic Logging Organizations traditionally gather low-level behaviors of systems to detect the presence of compromise or other attacks on the network. Other systems use application-layer auditing, which may not detect actions that take place outside the application. Finally, insider threat detection systems often rely on low-level system call analysis to profile users and their actions. This direction can be exceedingly difficult: it can be a challenge to relate system calls to their higher-level functions, let alone determine if the action is legitimate. With cloud-based software-as-a-service systems, the software and data are stored on the cloud. Accordingly, the client must routinely synchronize with the cloud. Cloud systems can use this synchronizing to construct an audit log for all access and alterations. This information can be supplied to anomaly detection software and insider threat identification systems. This feedback can also be used to help application designers adapt their software to enhance user productivity. D. Rise in Social Engineering Attackers typically focus on the weakest link in a system. With technical advancements in computer and network security, attackers have focused on deceiving the users of systems. Phishing attacks, in which the attackers impersonate alegitimateinstitutiontogaintheuser strust,areconstantly present on the Internet. Typically, these phishing attacks are successful even with little sophistication. However, dedicated phishers can craft messages that are indistinguishable from legitimate messages and lure users into unsafe practices. With cloud systems, these attacks become more potent. Rather than simply gaining access to a checking account number, phishers in cloud-based systems can gain direct access to all the user s data from the cloud. Modern browsers and software are often unable to effectively explain the problems with untrustworthy systems to users. Further, these programs often produce warnings when a system is actually legitimate (such as a certificate that is recently expired). These warnings desensitize users to actual threats. Instead, systems must increasingly make decisions without relying on the user to determine if the action is safe. E. Barriers to Research Clouds can also make examinations of human behavior and systems more difficult because of their closed nature. As an analogy, we consider and social networking sites. Security researchers could previously analyze corpa to find examples of spam attacks while social networking sites are closed and make research difficult. This lack of openness prevents researchers from detecting Internet-wide threats and understanding the mechanisms attackers are using. This lack of information sharing gives attackers the advantage: they can discover an exploit and use it on multiple sites. Some sites may discover and address the exploit while others may remain oblivious. Cloud systems may be similar: since the interaction between the cloud and its users are private, researchers will be unable to generalize threats and interactions in a way that can benefit everyone. IV. CONCLUSION The continued movement towards cloud computing will have a direct impact on cyber security research. Since pervasive computing has generally focused more on improving functionality and reliability, we see a transition to using a cloud computing backbone in pervasive systems as an opportunity to bring stronger security to pervasive systems. If cyber security researchers are involved in the evolution of this process, they can influence the process and change the current cyber security battlefield to one more amenable to the defenders. Advancements in virtual machine isolation, homomorphic encryption, client authentication, resource management, and secure opportunistic computing will facilitate the adoption of cloud computing while ensuring greater security and privacy for users. ACKNOWLEDGEMENTS This work was sponsored by a contractor of the United States Government under contract DE-AC05-00OR22725 with the United States Department of Energy. The United States Government retains, and the publisher, by accepting this submission for publication, acknowledges that the United States Government retains, a nonexclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this submission, or allow others to do so, for United States Government purposes. REFERENCES [1] B.-G. Chun and P. Maniatis, Augmented smartphone applications through clone cloud execution, in Proceedings of the 12th conference on Hot topics in operating systems. Berkeley, CA, USA: USENIX Association, [2] M. Weiser, The computer for the 21st century, Scientific American, vol. 265, no. 3, pp , January [Online]. Available: [3] J. Stokes, AMD s next-gen GPU powers Crysis on an iphone, [Online]. Available: 09/amds-next-gen-gpu-powers-crysis-on-an-iphone.ars [4] M. Satyanarayanan, P. Bahl, R. Caceres, and N. Davies, The case for vm-based cloudlets in mobile computing, IEEE Pervasive Computing, vol. 8, pp , October [Online]. Available: [5] X. Jiang and J. A. Landay, Modeling privacy control in context-aware systems, IEEE Pervasive Computing, vol. 1, pp , July [Online]. Available: [6] C. Gentry and S. Halevi, A working implementation of fully homomorphic encryption, in EUROCRYPT, [7] C. Gentry, Computing arbitrary functions of encrypted data, Communications of the ACM, vol.53,no.3,pp ,2010. [8] A. Jacobs and M. Helft. (2010) Google, citing attack, threatens to exit china. [Online]. Available: asia/13beijing.html [9] J. Rouillard, Contextual QR codes, in Computing in the Global Information Technology, ICCGI 08. The Third International Multi-Conference on, Aug.2008,pp [10] N. Knupffer, Intel insider - what is it? Jan [Online]. Available: insider - what is it no.php

Challenges in Securing the Interface Between the Cloud and Pervasive Systems

Challenges in Securing the Interface Between the Cloud and Pervasive Systems Challenges in Securing the Interface Between the Cloud and Pervasive Systems Brent Lagesse Cyberspace Science and Information Intelligence Research Computational Sciences and Engineering Oak Ridge National

More information

Mobile Hybrid Cloud Computing Issues and Solutions

Mobile Hybrid Cloud Computing Issues and Solutions , pp.341-345 http://dx.doi.org/10.14257/astl.2013.29.72 Mobile Hybrid Cloud Computing Issues and Solutions Yvette E. Gelogo *1 and Haeng-Kon Kim 1 1 School of Information Technology, Catholic University

More information

Back to the Future: Securing your Unwired Enterprise

Back to the Future: Securing your Unwired Enterprise Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has

More information

Securing mobile devices in the business environment

Securing mobile devices in the business environment IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

Seminar: Security Metrics in Cloud Computing (20-00-0577-se)

Seminar: Security Metrics in Cloud Computing (20-00-0577-se) Technische Universität Darmstadt Dependable, Embedded Systems and Software Group (DEEDS) Hochschulstr. 10 64289 Darmstadt Seminar: Security Metrics in Cloud Computing (20-00-0577-se) Topics Descriptions

More information

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this

More information

Base One's Rich Client Architecture

Base One's Rich Client Architecture Base One's Rich Client Architecture Base One provides a unique approach for developing Internet-enabled applications, combining both efficiency and ease of programming through its "Rich Client" architecture.

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

Module 1: Facilitated e-learning

Module 1: Facilitated e-learning Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1

More information

Security challenges for internet technologies on mobile devices

Security challenges for internet technologies on mobile devices Security challenges for internet technologies on mobile devices - Geir Olsen [geiro@microsoft.com], Senior Program Manager for Security Windows Mobile, Microsoft Corp. - Anil Dhawan [anild@microsoft.com],

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Ten Tips for Managing Risks on Convergent Networks The Risk Management Group

Ten Tips for Managing Risks on Convergent Networks The Risk Management Group Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,

More information

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web

More information

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Beyond passwords: Protect the mobile enterprise with smarter security solutions IBM Software Thought Leadership White Paper September 2013 Beyond passwords: Protect the mobile enterprise with smarter security solutions Prevent fraud and improve the user experience with an adaptive

More information

Server Based Desktop Virtualization with Mobile Thin Clients

Server Based Desktop Virtualization with Mobile Thin Clients Server Based Desktop Virtualization with Mobile Thin Clients Prof. Sangita Chaudhari Email: sangita123sp@rediffmail.com Amod N. Narvekar Abhishek V. Potnis Pratik J. Patil Email: amod.narvekar@rediffmail.com

More information

"Secure insight, anytime, anywhere."

Secure insight, anytime, anywhere. "Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others

More information

Middleware- Driven Mobile Applications

Middleware- Driven Mobile Applications Middleware- Driven Mobile Applications A motwin White Paper When Launching New Mobile Services, Middleware Offers the Fastest, Most Flexible Development Path for Sophisticated Apps 1 Executive Summary

More information

Keyfort Cloud Services (KCS)

Keyfort Cloud Services (KCS) Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency

More information

Security Considerations for Public Mobile Cloud Computing

Security Considerations for Public Mobile Cloud Computing Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of

More information

Implementing two-factor authentication: Google s experiences. Cem Paya (cemp@google.com) Information Security Team Google Inc.

Implementing two-factor authentication: Google s experiences. Cem Paya (cemp@google.com) Information Security Team Google Inc. Implementing two-factor authentication: Google s experiences Cem Paya (cemp@google.com) Information Security Team Google Inc. Google services and personalization Identity management at Google 1. Internal

More information

What Do You Mean My Cloud Data Isn t Secure?

What Do You Mean My Cloud Data Isn t Secure? Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there

More information

Kaspersky Security 10 for Mobile Implementation Guide

Kaspersky Security 10 for Mobile Implementation Guide Kaspersky Security 10 for Mobile Implementation Guide APPLICATION VERSION: 10.0 MAINTENANCE RELEASE 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful

More information

Basic Security Considerations for Email and Web Browsing

Basic Security Considerations for Email and Web Browsing Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable

More information

Cloud computing: benefits, risks and recommendations for information security

Cloud computing: benefits, risks and recommendations for information security Cloud computing: benefits, risks and recommendations for information security Dr Giles Hogben Secure Services Programme Manager European Network and Information Security Agency (ENISA) Goals of my presentation

More information

DEVELOP MOBILE APPLICATIONS WITH ORACLE ADF MOBILE

DEVELOP MOBILE APPLICATIONS WITH ORACLE ADF MOBILE Disclaimer: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver

More information

Mobile Application Testing

Mobile Application Testing Mobile Application Testing Whitepaper Author: Scott Aziz Date: June 1, 2012 This whitepaper outlines the critical areas of testing needed to certify mobile enterprise applications Best practices from UST

More information

Multi-factor authentication

Multi-factor authentication CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL

More information

Sticky Password 7. Sticky Password 7 is the latest, most advanced, portable, cross platform version of the powerful yet

Sticky Password 7. Sticky Password 7 is the latest, most advanced, portable, cross platform version of the powerful yet Sticky Password 7 Reviewer Guide Introduction Sticky Password 7 is the latest, most advanced, portable, cross platform version of the powerful yet simple password manager and form-filler. Its main goal

More information

Enhancing Organizational Security Through the Use of Virtual Smart Cards

Enhancing Organizational Security Through the Use of Virtual Smart Cards Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company

More information

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0 White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative

More information

Multi Factor Authentication API

Multi Factor Authentication API GEORGIA INSTITUTE OF TECHNOLOGY Multi Factor Authentication API Yusuf Nadir Saghar Amay Singhal CONTENTS Abstract... 3 Motivation... 3 Overall Design:... 4 MFA Architecture... 5 Authentication Workflow...

More information

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow Michael Seltzer COMP 116: Security Final Paper Client Side Encryption in the Web Browser Mentor: Ming Chow 1 Abstract Web service providers generally look to encryption as a means of ensuring data privacy

More information

Business Case for Voltage SecureMail Mobile Edition

Business Case for Voltage SecureMail Mobile Edition WHITE PAPER Business Case for Voltage SecureMail Mobile Edition Introduction Mobile devices such as smartphones and tablets have become mainstream business productivity tools with email playing a central

More information

Next Generation Cloud Computing Issues and Solutions

Next Generation Cloud Computing Issues and Solutions Next Generation Cloud Computing Issues and Solutions Jeon SeungHwan 1, Yvette E. Gelogo 1 and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon,

More information

Kony Mobile Application Management (MAM)

Kony Mobile Application Management (MAM) Kony Mobile Application Management (MAM) Kony s Secure Mobile Application Management Feature Brief Contents What is Mobile Application Management? 3 Kony Mobile Application Management Solution Overview

More information

The Encryption Anywhere Data Protection Platform

The Encryption Anywhere Data Protection Platform The Encryption Anywhere Data Protection Platform A Technical White Paper 5 December 2005 475 Brannan Street, Suite 400, San Francisco CA 94107-5421 800-440-0419 415-683-2200 Fax 415-683-2349 For more information,

More information

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication Page 1 of 8 Introduction As businesses and consumers grow increasingly reliant on the Internet for conducting

More information

My CEO wants an ipad now what? Mobile Security for the Enterprise

My CEO wants an ipad now what? Mobile Security for the Enterprise My CEO wants an ipad now what? Mobile Security for the Enterprise Agenda Introductions Emerging Mobile Trends Mobile Risk Landscape Response Framework Closing Thoughts 2 Introductions Amandeep Lamba Manager

More information

WHITE PAPER Usher Mobile Identity Platform

WHITE PAPER Usher Mobile Identity Platform WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction

More information

Data Loss Prevention in the Enterprise

Data Loss Prevention in the Enterprise Data Loss Prevention in the Enterprise ISYM 525 Information Security Final Paper Written by Keneth R. Rhodes 12-01-09 In today s world data loss happens multiple times a day. Statistics show that there

More information

Information Security It s Everyone s Responsibility

Information Security It s Everyone s Responsibility Information Security It s Everyone s Responsibility The University of Texas at Dallas Information Security Office (ISO) Purpose of Training Information generated, used, and/or owned by UTD has value. Because

More information

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.

More information

Integrating Single Sign-on Across the Cloud By David Strom

Integrating Single Sign-on Across the Cloud By David Strom Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio

More information

Security Architecture Whitepaper

Security Architecture Whitepaper Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

Statement of Direction

Statement of Direction Mobile First: Taking Mobile CRM to the Next Level 1 January 2013 Mobile First: Taking Mobile CRM to the Next Level Whitepaper Mobile First: Taking Mobile CRM to the Next Level 2 Table of Contents Notes...

More information

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user

More information

Guide to Evaluating Multi-Factor Authentication Solutions

Guide to Evaluating Multi-Factor Authentication Solutions Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Device-Centric Authentication and WebCrypto

Device-Centric Authentication and WebCrypto Device-Centric Authentication and WebCrypto Dirk Balfanz, Google, balfanz@google.com A Position Paper for the W3C Workshop on Web Cryptography Next Steps Device-Centric Authentication We believe that the

More information

Cloud Computing for SCADA

Cloud Computing for SCADA Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft Larry

More information

Media Shuttle s Defense-in- Depth Security Strategy

Media Shuttle s Defense-in- Depth Security Strategy Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among

More information

HTML5 and security on the new web

HTML5 and security on the new web HTML5 and security on the new web By James Lyne, Director of Technology Strategy There are lots of changes happening to the key technologies that power the web. The new version of HTML, the dominant web

More information

Cloud Computing. What is Cloud Computing?

Cloud Computing. What is Cloud Computing? Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited

More information

Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence

Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence White Paper Vodafone Global Enterprise 3 The Apple iphone has become a catalyst for changing the way both users

More information

Building Secure Multi-Factor Authentication

Building Secure Multi-Factor Authentication Building Secure Multi-Factor Authentication Three best practices for engineering and product leaders Okta Inc. I 301 Brannan Street, Suite 300 I San Francisco CA, 94107 info@okta.com I 1-888-722-7871 Introduction

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

WHITE PAPER. Understanding How File Size Affects Malware Detection

WHITE PAPER. Understanding How File Size Affects Malware Detection WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through

More information

Enterprise SSO Manager (E-SSO-M)

Enterprise SSO Manager (E-SSO-M) Enterprise SSO Manager (E-SSO-M) Many resources, such as internet applications, internal network applications and Operating Systems, require the end user to log in several times before they are empowered

More information

Perspectives on Cybersecurity in Healthcare June 2015

Perspectives on Cybersecurity in Healthcare June 2015 SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright

More information

SiteCelerate white paper

SiteCelerate white paper SiteCelerate white paper Arahe Solutions SITECELERATE OVERVIEW As enterprises increases their investment in Web applications, Portal and websites and as usage of these applications increase, performance

More information

A Security Survey of Strong Authentication Technologies

A Security Survey of Strong Authentication Technologies A Security Survey of Strong Authentication Technologies WHITEPAPER Contents Introduction... 1 Authentication Methods... 2 Classes of Attacks on Authentication Mechanisms... 5 Security Analysis of Authentication

More information

Recommended Practice Case Study: Cross-Site Scripting. February 2007

Recommended Practice Case Study: Cross-Site Scripting. February 2007 Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber

More information

Chapter 4 Application, Data and Host Security

Chapter 4 Application, Data and Host Security Chapter 4 Application, Data and Host Security 4.1 Application Security Chapter 4 Application Security Concepts Concepts include fuzzing, secure coding, cross-site scripting prevention, crosssite request

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

Brainloop Cloud Security

Brainloop Cloud Security Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating

More information

WEB ATTACKS AND COUNTERMEASURES

WEB ATTACKS AND COUNTERMEASURES WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Driving Company Security is Challenging. Centralized Management Makes it Simple. Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary

More information

Cloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015

Cloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015 Cloud Computing Policy Effective Date: July 28, 2015 1.0 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually

More information

Desktop Virtualization Technologies and Implementation

Desktop Virtualization Technologies and Implementation ISSN : 2250-3021 Desktop Virtualization Technologies and Implementation Pranit Patil 1, Shakti Shekar 2 1 ( Mumbai, India) 2 (Mumbai, India) ABSTRACT Desktop virtualization is new desktop delivery method

More information

NEXT GENERATION ARCHIVE MIGRATION TOOLS

NEXT GENERATION ARCHIVE MIGRATION TOOLS NEXT GENERATION ARCHIVE MIGRATION TOOLS Cloud Ready, Scalable, & Highly Customizable - Migrate 6.0 Ensures Faster & Smarter Migrations EXECUTIVE SUMMARY Data migrations and the products used to perform

More information

Secure Web Gateways Buyer s Guide >

Secure Web Gateways Buyer s Guide > White Paper Secure Web Gateways Buyer s Guide > (Abbreviated Version) The web is the number one source for malware distribution. With more than 2 million 1 new pages added every day and 10,000 new malicious

More information

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security

More information

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved.

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved. THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from

More information

Virtualization and Windows 7

Virtualization and Windows 7 9 Chapter Virtualization and Windows 7 Information in this Chapter Windows XP Mode Many Forms of Virtualization Summary Windows Virtual PC is an optional component of Windows 7 Professional, Enterprise,

More information

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM Consumerization Managing the BYOD trend successfully WWW.WIPRO.COM Harish Krishnan, General Manager, Wipro Mobility Solutions Employees dictate IT Enterprises across the world are giving in to the Consumerization

More information

Major Risks and Recommended Solutions

Major Risks and Recommended Solutions Major Risks and Recommended Solutions www.icdsecurity.com OVERVIEW Are you familiar with the main security risks that threaten data centers? This paper provides an overview of the most common and major

More information

5 tips. awesome. mobile. enterprise. apps. An introduction to great app development using motwin Platform

5 tips. awesome. mobile. enterprise. apps. An introduction to great app development using motwin Platform 5 tips build to awesome mobile enterprise apps. An introduction to great app development using motwin Platform 1. Real-Time Data Streaming Ensure that the data your user access is dynamic and up-todate.

More information

Technical Standards for Information Security Measures for the Central Government Computer Systems

Technical Standards for Information Security Measures for the Central Government Computer Systems Technical Standards for Information Security Measures for the Central Government Computer Systems April 21, 2011 Established by the Information Security Policy Council Table of Contents Chapter 2.1 General...

More information

Google Identity Services for work

Google Identity Services for work INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new

More information

Security Benefits of Cloud Computing

Security Benefits of Cloud Computing Security Benefits of Cloud Computing FELICIAN ALECU Economy Informatics Department Academy of Economic Studies Bucharest ROMANIA e-mail: alecu.felician@ie.ase.ro Abstract: The nature of the Internet is

More information

How cloud computing can transform your business landscape.

How cloud computing can transform your business landscape. How cloud computing can transform your business landscape. This whitepaper will help you understand the ways cloud computing can benefit your business. Introduction It seems like everyone is talking about

More information

Xerox Mobile Print Cloud

Xerox Mobile Print Cloud September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United

More information

Centralized Self-service Password Reset: From the Web and Windows Desktop

Centralized Self-service Password Reset: From the Web and Windows Desktop Centralized Self-service Password Reset: From the Web and Windows Desktop Self-service Password Reset Layer v.3.2-007 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200

More information

MENDIX FOR MOBILE APP DEVELOPMENT WHITE PAPER

MENDIX FOR MOBILE APP DEVELOPMENT WHITE PAPER MENDIX FOR MOBILE APP DEVELOPMENT WHITE PAPER TABLE OF CONTENTS Market Demand for Enterprise Mobile Mobile App Development Approaches Native Apps Mobile Web Apps Hybrid Apps Mendix Vision for Mobile App

More information

WHITE PAPER. Mobile Document Management. with eakte2go*

WHITE PAPER. Mobile Document Management. with eakte2go* WHITE PAPER Mobile Document Management with eakte2go* Contents The New World of Apps... 3 Electronic files for businesses... 3 Government Agencies as a Modern Employer... 4 The eakte2go App... 5 An Opportunity:

More information

Data Storage Security in Cloud Computing

Data Storage Security in Cloud Computing Data Storage Security in Cloud Computing Prashant M. Patil Asst. Professor. ASM s, Institute of Management & Computer Studies (IMCOST), Thane (w), India E_mail: prashantpatil11@rediffmail.com ABSTRACT

More information

Inventory and Analytics for Browser-based Applications in the Enterprise

Inventory and Analytics for Browser-based Applications in the Enterprise Inventory and Analytics for Browser-based Applications in the Enterprise Introduction Times are changing. Desktop and client/server business applications (collectively referred to as native applications

More information

Mobile Device Management

Mobile Device Management 1. Introduction Mobile Device Management This document introduces security risks with mobile devices, guidelines for managing the security of mobile devices in the Enterprise, strategies for mitigating

More information

Office 365 SharePoint Online White Paper

Office 365 SharePoint Online White Paper Office 365 SharePoint Online White Paper Introduction Overview Cloud computing is slowly changing the way IT companies are offering their software solutions and services. Through cloud computing, IT companies

More information

Convenience and security

Convenience and security Convenience and security ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work and home environments.

More information

Invention Title: Invention Summary: Invention Description: Invention. Value/Customers: Differences:

Invention Title: Invention Summary: Invention Description: Invention. Value/Customers: Differences: Title: Summary: Description: Secure home edelivery without the public Internet Businesses such as USPS, FedEx and UPS have national or global distribution networks, widely available local outlets and frequent

More information

How to Avoid Data Leakage from Mobile Enterprise Apps:

How to Avoid Data Leakage from Mobile Enterprise Apps: White paper How to Avoid Data Leakage from Mobile Enterprise Apps: Use the Cloud OVerVieW One of the biggest challenges facing IT today is the inherent insecurity of mobile devices now being used by the

More information

How cloud computing can transform your business landscape

How cloud computing can transform your business landscape How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not

More information

An Overview of Samsung KNOX Active Directory and Group Policy Features

An Overview of Samsung KNOX Active Directory and Group Policy Features C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information